Why vulnerabilities are like buses
How organisations can address the growing trend in which multiple vulnerabilities within a single product are exploited over a short period.
NCSC Feed
To AV, or not to AV?
3 years 5 months ago
Do you need antivirus (AV) products on smartphones and tablets?
Zero Trust: Is it right for me?
3 years 9 months ago
The first in a series of blogs to ease your journey towards a zero trust architecture.
Brightening the outlook for security in the cloud
3 years 9 months ago
The NCSC's Cloud Security Research Lead suggests some approaches to help you get confidence in cloud services.
Cloudy with a chance of transparency
3 years 9 months ago
In part 2 of his Cloud Blog Trilogy, Andrew explains why it's better for everyone if cloud providers are willing to be open about how they run their services.
Serving up some server advice
3 years 9 months ago
Highlighting guidance which will help you secure your servers
Assuring Smart Meters
3 years 9 months ago
How we made our commercial assurance business react to the demand of the Smart Meter programme, and how we can use this as a catalyst for future improvement.
The first Certified Cyber Professional (CCP) Specialism is now live!
3 years 10 months ago
'Risk Management' is the first certifiable specialism under the NCSC's revised CCP scheme.
Site colour test
4 years 2 months ago
Test of the colour combinations which can be used on the website for use by anyone building or developing content.
What is OT malware?
4 years 2 months ago
How malware works on Operational Technology (OT) and how to stop it.
New brochure published to support academic researchers
4 years 6 months ago
Everything you need to know about the 19 Academic Centres of Excellence in Cyber Security Research (ACE-CSR) in one place
The elephant in the data centre
4 years 6 months ago
A new white paper from the NCSC explains the potential benefits of adopting a cloud-system.
The leaky pipe of secure coding
4 years 8 months ago
Helen L discusses how security can be woven more seamlessly into the development process.
Malicious macros are still causing problems!
5 years ago
Andrew A explains the updated guidance for Microsoft Office macros
Understanding Software as a Service (SaaS) security
6 years ago
An outline of the NCSC's approach to understanding the security of Software as a Service (SaaS) offerings.
Maturity models in cyber security: what's happening to the IAMM?
6 years ago
Here we explain a bit about maturity models, look at how they've been used for cyber security, and explain why the NCSC is no longer supporting the IA Maturity Model (IAMM) introduced in 2008.
CERT-UK Annual Report 2015/16
6 years 2 months ago
"Do what I mean!" - time to focus on developer intent
6 years 2 months ago
In this post I propose that the software development community should work on developing and then standardising security-related libraries that focus on what the developer is trying to achieve.
Are security questions leaving a gap in your security?
6 years 3 months ago
Even the best authentication can't help you if there is an easy way to bypass it.
Cyber resilience - nothing to sneeze at
6 years 3 months ago
David K introduces the concept of cyber resilience, and the benefits it brings.
Checked
11 minutes 22 seconds ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed